> I don't think you understand what I'm proposing. I am currently cat
> (1)ing /dev/urandom on TCP port 22 in hopes to discourage hackers who
> attempt to break into my system. Its beyond me how this is treading on
> dangerous ground, what systems I'll endanger or what is morally wrong
> with doing this. Brian Micek
>
> On Sat, 2005-11-05 at 15:19 -0500, William Yang wrote:
>
>
>>agenci
>
>

How is what are you planning to do any different from me hosting a
website that attempts to exploit vulnerable web clients? Am I not
responsible for hosting what could be considered hostile content? Are
you responsible for damages to my machine if your /dev/urandom causes me
undo downtime?
You may think that this situation is different than the web example
above, but in reality they are quite similar. You can't know with 100%
certainty that the person requesting resources is a hacker and
attempting to crash their client is what most would consider a hostile
action.
We all realise that there are people who do dumb crap like ssh scanning.
However, I seriously doubt doing anything like this is going to help
your situation; or hinder theirs. In the end you will waste bandwidth
and cpu cycles and as the other poster mentioned, if they are smart
enough to realize what is going on they can probably DoS your machine
with it.
Just keep your ports closed, or keep them open and monitor the activity.
No need to go pissing the scanners off and give them a reason to spend
more time on your systems anyway.
-Alec Warner (Antarus)
--
gentoo-security@g.o mailing list